Introduction to HAproxy

Others 2022-04-21 23:15:25 views: 0

Introduction to HAproxy

(1) HAProxy is a proxy software that provides high availability, load balancing and applications based on TCP (Layer 4) and HTTP (Layer 7), supports virtual hosts, and is a free, fast and reliable solution. HAProxy is especially useful for heavily loaded web sites that often require session persistence or Layer 7 processing. HAProxy runs on current hardware and can fully support tens of thousands of concurrent connections. And its mode of operation makes it easy and secure to integrate into your current architecture, while protecting your web server from being exposed to the network.

(2) HAProxy implements an event-driven, single-process model that supports a very large number of concurrent connections. A multi-process or multi-threaded model is limited by memory constraints, system scheduler constraints, and ubiquitous locks, and can rarely handle thousands of concurrent connections. The event-driven model does not have these problems because it implements all these tasks on the user-space (User-Space) with better resource and time management. The downside of this model is that these programs typically scale less well on multi-core systems. That's why they have to optimize to make more work per CPU time slice (Cycle).

(3) HAProxy supports connection rejection: Because the overhead of maintaining a connection open is very low, sometimes we need to limit attack worms (attack bots), that is to say, limit their connection opening to limit their harm. This has been developed for a website caught in a small DDoS attack and has been rescued

There are many sites, and this advantage is not available in other load balancers.

(4) HAProxy supports fully transparent proxy (already has the typical characteristics of hardware firewall): you can use the client IP address or any other address to connect to the backend server. This feature is only available after the Linux 2.4/2.6 kernel is patched with cttproxy Use. This feature also makes it possible to handle some traffic for a particular server without changing the server's address.

performance

HAProxy uses several common technologies on the OS to maximize performance.

1. The single-process, event-driven model significantly reduces context switching overhead and memory usage.

2, O(1) event checker (event checker) allows it to achieve instant detection of any event of any connection in high concurrent connections.

3. In any available case, the single buffering mechanism can complete read and write operations without copying any data, which will save a lot of CPU clock cycles and memory bandwidth;

4. With the help of the splice() system call on Linux 2.6 (>= 2.6.27.19), HAProxy can implement zero-copy forwarding and zero-copy startup in Linux 3.5 and above OS. -starting);

5. The memory allocator can realize instant memory allocation in a fixed-size memory pool, which can significantly reduce the time to create a session;

6. Tree storage: It focuses on using the elastic binary tree developed by the author many years ago, and realizes the low overhead of O(log(N)) to keep timer commands, keep running queue commands, and manage polling and least connection queues;

7. Optimized HTTP header analysis: The optimized header analysis function avoids rereading any memory area during the HTTP header analysis process;

8. Expensive system calls are carefully reduced, and most of the work is done in user space, such as time reading, buffer aggregation, and enabling and disabling of file descriptors;

All these subtle optimizations achieve a fairly low CPU load on medium-scale workloads, even in very high-load scenarios, 5% user space occupancy and 95% system space occupancy. Very common phenomenon, this means that HAProxy process consumption is more than 20 times lower than system space consumption. Therefore, performance tuning of the OS is very important. Even with doubling the occupancy of user space, its CPU occupancy is only 10%, which explains why 7-layer processing has limited performance impact. As a result, the Layer 7 performance of HAProxy can easily exceed hardware load balancing devices on high-end systems.

In a production environment, the use of HAProxy on Layer 7 processing as an emergency solution in the event of a failure of an expensive high-end hardware load balancing device is also visible for a long time. Hardware load balancing devices process requests at the "packet" level, which makes it difficult to support requests across multiple packets, and they don't buffer any data, so they have long response times. Correspondingly, the software load balancing device uses TCP buffering, which can create extremely long requests and have a long response time.

There are currently three main versions of HAProxy: 1.3, 1.4, 1.5, and the RPM package that comes with CentOS6.6 is 1.5.

Guess you like

Origin http://43.154.161.224:23101/article/api/json?id=324660277&siteId=291194637
Recommended
Ranking
[Algorithm] greedy _ program scheduling issues
Spring 控制反转(IOC)
Data structure-6.6 figure
Indicates that the class or member method has abstract properties
Huawei v5 server installed Linux operating system
Postgresql source code analysis - creating ordinary tables
Chapter 10 Evaluation Classification Results
Cloud service Ubuntu 20.04 version uses Nginx to deploy static web pages
Java Exercise 17.1
Solve the problem that git cannot automatically push submission in IDEA Push failed: Failed with error: Could not read from remote repository.
Daily
More
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)

Code World

© 2018 codetd.com